Open WiFi security policy...

Mon Dec 01 2003 00:00:00 GMT+0000 (Coordinated Universal Time)

There's a great article by Richard Shim on ZDNet that highlights some of the policy considerations for open (unencrypted) WiFi networks. It does a good job discussing some of the policy problems with open networks; that is, open intentionally or left open by default. Specifically:

_Although Wi-Fi law is still largely unsettled in the United States and Canada, people who run open Wi-Fi hubs could conceivably be held accountable for activities carried out on their networks by unauthorized users, according to Joseph Burton, an attorney with law firm Duane Morris.

"Is it possible a home owner can be liable for a lack of security on a wireless network? Yes, if they are negligent in setting up security," Burton said.

[...]

That could pose a legal risk if someone were to suffer damages as a result of activities conducted on an open Wi-Fi hub, Burton said. Individuals that gain unauthorized access to a wireless network that's providing a broadband connection can not only download illegal material [e.g., copyright infringement near the tort end of the spectrum and downloading child pornography near the criminal end. -jlh], but they could also use a hijacked network to launch spam, distribute a virus or steal data from resources on the network. In all these case, it would look like the owner of the connection had performed the acts.

That may not be enough to trigger liability, counter other legal experts, who note that the law is still largely unformed. Internet service providers in the United States have long enjoyed some protection from lawsuits related to the activities of their customers, and courts might extend that same principle to cover Wi-Fi providers. Still, the providers might find themselves on the wrong side of the law in some cases--for example, if they refuse to secure their network after repeated attacks.

[...]

_

_"Networking can still be a complicated process, and what we're trying to do first is make it as easy as possible for consumers to set up the networking," Eaton said. "Then they can work on enabling security."
_

I'm not so sure that last quote embodies much in the way of wisdom. It seems like saying, "We'll make sure that everyone in the world can pass on a disease before beefing up their immune systems." (I know, that's a pot-shot).

UPDATE (2003-12-01 14:42:28): Ernest Miller blogs about similar issues here.

Posted by joebeone at Diciembre 1, 2003 08:53 AM